Executive Summary The malware analyzed script employs a PowerShell-based obfuscation technique using Base64 encoding and XOR manipulation to conceal its payload. The malware communicates with a co...

Executive Summary The provided VBA code contains a malicious macro that leverages Windows API functions like LoadLibrary, GetProcAddress, and CallWindowProc to execute encoded payloads. It defines...

Executive Summary A malicious program named “srvcp.exe” performs backdoor activities while hiding its presence and execution. A registry entry adds data with the key “srvcp.exe” under the CurrentV...

Executive Summary Backdoor.dll sets up a reverse shell that connects to a remote server, listens for incoming commands, and executes them on the infected machine. It uses standard Windows networki...

Executive Summary The code obfuscates files and directories by validating input, deriving an encryption key using an MD5 hash, and applying custom XOR-based encryption (xtea_encrypt and xxtea_encry...

Executive Summary The program executes “office.exe” with various command lines and parent processes from the "C:\Users\Public\Desktop" directory. It also runs "GetCurrentDeploy.dll" and writes val...

Executive Summary This program performs a malicious operation on the computer by encrypting various file types, rendering them inaccessible to the user. It specifically targets files with certain ...

During 28th of December 2024. Our team Team Farmus manage to get into Top 3 with the patience and sheer effin will to sit infront of the laptop for straight 18 to 24 hours. By the teammates who l...

The Capture the Flag (CTF) competition is hosted by the University of Wisconsin - Stout in partnership with Universiti Kuala Lumpur (UniKL). This CTF was conducted for 5 days and was an individual ...

WRITEUP rentas CTF 2024 Welcome to the rentas CTF 2024 writeup challenge (Team scap3G04T) ! Let’s learn together :’D Reverse Engineering Forbidden Memories (Author: OS1RIS) The challenge...